Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/Fi4vlpOO6H4Mbtx6Ysrix2i8Iyk.roa
File: Fi4vlpOO6H4Mbtx6Ysrix2i8Iyk.roa (raw, json)
Hash identifier: 3nKmbkiRLunXu+0GBETyPTc5FM4FPHntmmlio6NXYNU=
Subject key identifier: 16:2E:2F:96:93:8E:E8:7E:0C:6E:DC:7A:62:CA:E2:C7:68:BC:23:29
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 018B47BA81ADC834BF6B811A7F765EEA6312
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/Fi4vlpOO6H4Mbtx6Ysrix2i8Iyk.roa
Signing time: Thu 19 Oct 2023 11:38:06 +0000
ROA not before: Thu 19 Oct 2023 11:38:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 5.253.184.0/23 maxlen: 23
185.114.204.0/24 maxlen: 24
5.253.187.0/24 maxlen: 24
193.135.220.0/22 maxlen: 22
88.214.0.0/24 maxlen: 24
88.214.1.0/24 maxlen: 24
88.214.2.0/24 maxlen: 24
88.214.3.0/24 maxlen: 24
88.218.196.0/22 maxlen: 22
185.219.160.0/24 maxlen: 24
185.219.161.0/24 maxlen: 24
185.219.163.0/24 maxlen: 24
45.81.161.0/24 maxlen: 24
45.81.162.0/24 maxlen: 24
45.81.163.0/24 maxlen: 24
45.130.33.0/24 maxlen: 24
45.130.34.0/23 maxlen: 23
193.111.184.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:47:ba:81:ad:c8:34:bf:6b:81:1a:7f:76:5e:ea:63:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Oct 19 11:38:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=162e2f96938ee87e0c6edc7a62cae2c768bc2329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:bc:c2:fb:31:74:eb:93:99:0b:05:28:91:b6:
41:3c:2b:58:28:be:06:d4:c6:57:31:73:b1:42:3e:
fb:56:e7:07:84:fd:d6:57:3e:39:2a:88:4e:5a:2a:
6e:38:3d:b1:ae:2d:8e:42:07:c3:b0:91:cf:ee:86:
bd:41:b1:46:8f:1c:da:27:63:7e:7a:e8:a2:9a:ea:
e4:d1:be:76:e0:87:eb:3f:84:89:d2:ec:e1:b5:b0:
77:1a:48:1d:de:77:7f:98:79:ac:a6:98:df:04:d6:
67:51:fb:78:3c:20:7e:be:30:39:7c:5f:1e:f9:18:
8b:d4:f2:96:d4:cc:7f:ed:7b:a6:a1:4f:95:00:3d:
24:0d:db:38:33:6d:f2:89:d0:d1:ad:03:41:e2:84:
ce:d7:44:12:a2:c0:ca:7f:31:ad:6d:07:d9:1a:3a:
78:ec:cd:9e:49:fb:c7:ab:d2:7b:10:b5:e1:cb:b5:
af:c4:35:26:44:3b:d4:98:35:83:68:85:cf:4d:b6:
63:80:8f:0a:5c:04:1e:85:37:d7:38:6a:ba:5c:12:
d5:f4:87:34:ca:8d:b8:fa:bf:ef:92:37:19:b9:0e:
6d:5e:70:35:90:14:58:1c:76:ef:56:5d:d4:64:2f:
d7:16:53:bd:24:1b:28:e1:34:16:15:54:7c:98:94:
79:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:2E:2F:96:93:8E:E8:7E:0C:6E:DC:7A:62:CA:E2:C7:68:BC:23:29
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/Fi4vlpOO6H4Mbtx6Ysrix2i8Iyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.184.0/23
5.253.187.0/24
45.81.161.0-45.81.163.255
45.130.33.0-45.130.35.255
88.214.0.0/22
88.218.196.0/22
185.114.204.0/24
185.219.160.0/23
185.219.163.0/24
193.111.184.0/22
193.135.220.0/22
Signature Algorithm: sha256WithRSAEncryption
05:61:77:c8:a9:ec:dc:01:5e:6b:72:93:49:42:80:59:ad:56:
3b:c0:57:1f:59:22:e5:a5:76:ab:3c:f8:7d:2e:69:66:7c:68:
dd:48:5f:3a:ae:8c:8f:3b:2d:c6:90:f4:19:ec:de:81:c5:5d:
40:f9:5c:ab:71:3e:c9:05:07:35:df:08:c4:ad:e8:f2:76:ae:
58:da:76:a8:70:a3:9d:b9:38:e0:f8:17:74:e7:a1:ad:a6:78:
d9:5c:3e:3d:43:43:bb:08:4e:94:09:09:32:72:db:9a:21:d2:
c2:e1:96:b1:b5:b1:94:a5:e3:f6:de:73:05:54:84:02:85:20:
66:f9:92:aa:7b:95:72:4b:e9:b5:cf:6e:43:a9:dd:ff:5f:43:
7e:40:80:b3:91:29:67:96:17:84:0c:78:bc:c0:ed:9c:19:b8:
db:e0:aa:da:c8:27:da:c7:fc:54:28:c6:49:02:3d:48:1b:ae:
4f:cb:ca:6c:33:4d:88:c7:69:15:d6:94:2a:6a:d9:fe:9f:aa:
8c:db:80:76:c2:b5:07:a9:86:ee:eb:ce:24:2b:2d:41:24:b2:
19:7b:7a:ea:60:23:a1:fe:02:d7:77:d1:76:84:dd:de:77:cc:
ea:e7:f1:a7:d3:22:5a:c6:5f:1f:71:44:b6:ac:cc:f8:b4:0d:
c6:11:94:7c
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYtHuoGtyDS/a4Eaf3Ze6mMSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjMxMDE5MTEzODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjJlMmY5NjkzOGVlODdlMGM2ZWRjN2E2MmNhZTJjNzY4YmMyMzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrzC+zF065OZCwUokbZBPCtYKL4G
1MZXMXOxQj77VucHhP3WVz45KohOWipuOD2xri2OQgfDsJHP7oa9QbFGjxzaJ2N+
euiimurk0b524IfrP4SJ0uzhtbB3Gkgd3nd/mHmsppjfBNZnUft4PCB+vjA5fF8e
+RiL1PKW1Mx/7XumoU+VAD0kDds4M23yidDRrQNB4oTO10QSosDKfzGtbQfZGjp4
7M2eSfvHq9J7ELXhy7WvxDUmRDvUmDWDaIXPTbZjgI8KXAQehTfXOGq6XBLV9Ic0
yo24+r/vkjcZuQ5tXnA1kBRYHHbvVl3UZC/XFlO9JBso4TQWFVR8mJR5HQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFBYuL5aTjuh+DG7cemLK4sdovCMpMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvRmk0dmxwT082SDRNYnR4Nllzcml4Mmk4SXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQBBf24AwQA
Bf27MAwDBAAtUaEDBAItUaAwDAMEAC2CIQMEAi2CIAMEAljWAAMEAljaxAMEALly
zAMEAbnboAMEALnbowMEAsFvuAMEAsGH3DANBgkqhkiG9w0BAQsFAAOCAQEABWF3
yKns3AFea3KTSUKAWa1WO8BXH1ki5aV2qzz4fS5pZnxo3UhfOq6MjzstxpD0Geze
gcVdQPlcq3E+yQUHNd8IxK3o8nauWNp2qHCjnbk44PgXdOehraZ42Vw+PUNDuwhO
lAkJMnLbmiHSwuGWsbWxlKXj9t5zBVSEAoUgZvmSqnuVckvptc9uQ6nd/19DfkCA
s5EpZ5YXhAx4vMDtnBm42+Cq2sgn2sf8VCjGSQI9SBuuT8vKbDNNiMdpFdaUKmrZ
/p+qjNuAdsK1B6mG7uvOJCstQSSyGXt66mAjof4C13fRdoTd3nfM6ufxp9MiWsZf
H3FEtqzM+LQNxhGUfA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:34 2024 by rpki-client on console-fra.rpki-client.org